Chinese hackers steal data from US defence contractors

Computer systems of several US airlines as well as multiple technology companies associated with US military have been breached by Chinese state-sponsored hackers.

The US Senate Armed Services Committee discovered the attacks during a year-long probe, which had been concluded in March but only made public on Wednesday.

The report identified approximately 50 intrusions carried out over a 12-month period beginning on 1 June, 2012.

The attacks targeted contractors of US Transportation Command (Transcom), associated with the movement of US troops and military equipment. According to the 52-page report, the hackers managed to get hold of passwords and documents and compromised emails and computer code.

At least 20 of those intrusions were attributed to an "advanced persistent threat," a term used to designate sophisticated threats commonly associated with attacks against governments.

"These peacetime intrusions into the networks of key defence contractors are more evidence of China's aggressive actions in cyberspace," Democratic Senator Carl Levin of Michigan, the committee's chairman, said upon releasing the report.

The inquiry identified gaps in reporting requirements and a lack of information sharing among US government entities. That in turn left the US military largely unaware of computer compromises of its contractors even in cases where these firms were aware of the attacks.

Chinese Foreign Ministry spokesman Hong Lei denied the accusations, maintaining that neither the country’s government nor the military supported hacking. Quite on the contrary, he hinted the US is using such accusations to divert the public’s attention from cyber-attacks it itself is conducting against China.

"The criticism of China by the United States is baseless and ill founded," Hong said. "We demand that the United States stops its irresponsible criticism of China, stop its widespread, systematic Internet attack activities and do more to maintain Internet peace and tranquillity."

Cyber security expert Dmitri Alperovitch, chief technology officer with the security firm CrowdStrike, said China had for years shown a keen interest in the logistical patterns of the US military.

The investigation focused on the US military's ability to seamlessly tap civilian air, shipping and other transportation assets for tasks including troop deployments and the timely arrival of supplies from food to ammunition to fuel.

Those companies typically do not have the level of defence against hackers as major weapons makers or the military itself.

"The military uses secret or top-secret networks that are not on the Internet, but private companies do not," said Alperovitch. "That's a real challenge."

The FBI said in a statement that it "continues to aggressively investigate cyber intrusions emanating from state-sponsored actors and other criminals.

"We remain committed to working with our interagency partners to identify threats, protect the nation's infrastructure from potential harm, and hold accountable those groups and individuals that pose a threat in cyberspace," the statement added.

The Senate probe could further increase tensions between the two world powers over cyber spying.

In May, US authorities charged five Chinese military officers for hacking into American nuclear, metal and solar companies to steal trade secrets.

Last month, Community Health Systems, one of the largest US hospital groups, said Chinese hackers had stolen Social Security numbers and other personal data from some 4.5 million patients.